As your dedicated cybersecurity services provider, CyberOne equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.
Weekly Cybersecurity Report | Week 47, 2025
Information security updates and events from the past week
1. Marquis Software Solutions, a software provider that serves more than 700 banks and credit unions in the U.S., has been hit by a ransomware attack that exposed sensitive customer information. The information was disclosed after Iowa-based Community 1st Credit Union notified 6,876 customers that their information had been compromised.
– The information exposed included: Social Security numbers, Tax ID numbers, account numbers and dates of birth.
– According to the union’s statement, Marquis paid the ransom “shortly after the attack.”
– The stolen data belonged to records transferred to Marquis before 2020.
– No attack group has publicly claimed responsibility currently.
– It is not known what the vector of the breach was, how much the ransom was, or whether other banks were affected.
2. Qilin Ransomware Group Claims to Have Hacked IGT – Global Gaming Giant
IGT – International Game Technology, one of the world’s largest manufacturers of gambling and casino systems, appeared on the Qilin Ransomware Group’s leak site today. The group announced that the leak is complete and that it has 10GB of data.
IGT is considered the world’s largest player in gambling, lottery, slot machines and software-based casino platforms.
The company supplies systems to countries, lottery operators, land-based casinos and online gambling sites.
Its products are used by millions of users worldwide, making this type of data leak particularly sensitive from an operational and regulatory perspective.
3. Update: JLR confirms £196 million ($220 million) damage following cybersecurity attack
Jaguar Land Rover has published its financial statements for the quarter ending September 30, officially confirming that the cyberattack that disrupted production last summer caused financial damage of £196 million, which is $220 million.
– Direct damage in the quarter: £196 million ($220 million).
– A sharp drop in pre-tax profit: £485 million, compared to a profit of £398 million last year.
– Operating margin (EBIT) fell to 8.6%, while in the same quarter last year the company presented a positive 5.1%.
– As a reminder, the British government gave JLR a £1.5 billion guarantee to restore the supply chain. The Bank of England says the incident was one of the factors behind the weakening of GDP in the third quarter.
https://media.jaguarlandrover.com/news/2025/11/jlr-performance-impacted-challenging-quarter
4. Telecom company Eurofiber France announced that it had experienced a data breach after an attacker gained access to the company’s ticketing system.
Unauthorized access allowed the attacker to extract information including: service tickets, correspondence, fault documentation, and screenshots, as well as sensitive files such as VPN configurations, SQL backups, source code, and certificates.
According to the hacker, he has information on approximately 10,000 customers, including government agencies.
Eurofiber claims that other core systems and financial data were not compromised and that the incident was limited to the French division only.
5. Princeton University has revealed that it has experienced a data breach following a phishing attack on an employee, which gave attackers unauthorized access to an internal information system.
The unauthorized access allowed the download of biographical information on alumni, donors, faculty, parents and students, including names, addresses, emails and phone numbers.
The university noted that no account information, social security numbers or passwords were exposed.
The incident has been detected and blocked and there is no evidence of a breach in other systems on campus, Princeton has notified those involved and is warning against the use of the information for targeted phishing.
6. Food delivery company DoorDash has confirmed that it has experienced a data breach, after the company’s employee fell victim to a social engineering scam.
The attacker gained access to the company’s systems by manipulating the employee, which allowed him to steal contact information for users, delivery drivers and merchants.
The information stolen from DoorDash includes full names, residential addresses, email addresses and phone numbers.
7. Logitech confirms cybersecurity attack and data theft by Clop extortion gang
Logitech, the electronics giant, has confirmed that it has experienced a cybersecurity incident that led to data exfiltration.
The attack was attributed to the Clop group, which added Logitech to its leak site and claims to have stolen approximately 1.8 terabytes of data.
The data stolen from Logitech is believed to include limited information about employees, consumers, customers and suppliers.
The company stated that it does not believe that sensitive information such as national ID numbers or credit card details was stolen, as this information was not stored on the compromised systems.
8. Checkout.com, a global payments platform, experienced a data breach after ShinyHunters cybersecurity attack.
The breach was made possible by exploiting an old and outdated cloud storage system (Legacy System) that was not properly shut down and was last used in 2020.
Internal documents, records, and merchant onboarding information were stolen, potentially impacting approximately 25% of current merchants.
The core payment processing environment was not compromised, and no merchant credit card numbers or bank funds were stolen.
The company refused to pay the ransom demanded by ShinyHunters; instead, Checkout.com decided to donate an amount equivalent to the ransom to leading research
institutions (such as Carnegie Mellon and Oxford) to support research into combating cybercrime.
The cybersecurity attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our services.
